A Feedback-Based Testing Methodology for Network Security Software

Abstract

As part of network security testing, an administrator needs to know whether thefirewall enforces the security policy as expected or not, In this setting, black-box testing and evaluation methodologies can be helpful. In this work, we employ a simple mutation operation, namely flipping a bit, to generate mutant firewall policies and use them to evaluate our previously proposed weighted test case selection method for firewall testing. In the previously proposed firewall testing approach, abstract test cases that are automatically generated from firewall decision diagrams instantiated are by selecting test input values fromdifferent test data pools for each field of firewall policy. Furthermore, a case study is presented to valdate the proposed approach.